• Advertise
• Search
• Free Magazines
• Newest Links
• Categories
• Register
• Login

SECURITY ALERT : Fraudulent Digital Certificates

Added by Papergrl

Description: In March 2001, VeriSign Inc. discovered through its routine fraud-screening audit that it had inadvertently issued two VeriSign Class 3 code-signing digital certificates on 29th and 30th January 2001 to an impostor who fraudulently claimed to be an employee of Microsoft Corporation. Microsoft Corporation immediately issued a Security Bulletin MS01-017 describing the security threat created by these software certificates falsely identified as Microsoft certificates. The bulletin stated that the vulnerability could affect all customers using Microsoft products. Microsoft also made it clear that this was not a security problem with any Microsoft product nor did it indicate that any of Microsoft’s official certificates had been compromised. Digital certificates are critical for businesses and customers who download patches, updates and various other forms of software from the Internet, because they allow software developers to digitally sign their software for secure delivery.